def submit(): msg = request.form['msg'] fh = request.files['fh'] strip_metadata = True if 'notclean' in request.form else False fnames = [] if msg: fnames.append(store.save_message_submission(g.sid, msg)) flash("Thanks! We received your message.", "notification") if fh: fnames.append(store.save_file_submission(g.sid, fh.filename, fh.stream, fh.content_type, strip_metadata)) flash("Thanks! We received your document '%s'." % fh.filename or '[unnamed]', "notification") for fname in fnames: submission = Submission(g.source, fname) db_session.add(submission) if g.source.pending: g.source.pending = False # Generate a keypair now, if there's enough entropy (issue #303) entropy_avail = int(open('/proc/sys/kernel/random/entropy_avail').read()) if entropy_avail >= 2400: crypto_util.genkeypair(g.sid, g.codename) g.source.last_updated = datetime.now() db_session.commit() normalize_timestamps(g.sid) return redirect(url_for('lookup'))
def test_genkeypair(self): codename = crypto_util.genrandomid() filesystem_id = crypto_util.hash_codename(codename) journalist_filename = crypto_util.display_id() source = db.Source(filesystem_id, journalist_filename) db.db_session.add(source) db.db_session.commit() crypto_util.genkeypair(source.filesystem_id, codename) self.assertIsNotNone(crypto_util.getkey(filesystem_id))
def async_genkey(sid, codename): crypto_util.genkeypair(sid, codename) # Register key generation as update to the source, so sources will # filter to the top of the list in the document interface if a # flagged source logs in and has a key generated for them. #789 try: source = Source.query.filter(Source.filesystem_id == sid).one() source.last_updated = datetime.utcnow() db_session.commit() except Exception as e: app.logger.error("async_genkey for source (sid={}): {}".format(sid, e))
def init_source(): """Initialize a source: create their database record, the filesystem directory that stores their submissions & replies, and their GPG key encrypted with their codename. Return a source object and their codename string. :returns: A 2-tuple. The first entry, the :class:`db.Source` initialized. The second, their codename string. """ source, codename = init_source_without_keypair() crypto_util.genkeypair(source.filesystem_id, codename) return source, codename
def init_source(): """Initialize a source: create their database record, the filesystem directory that stores their submissions & replies, and their GPG key encrypted with their codename. Return a source object and their codename string. :returns: A 2-tuple. The first entry, the :class:`db.Source` initialized. The second, their codename string. """ # Create source identity and database record codename = crypto_util.genrandomid() filesystem_id = crypto_util.hash_codename(codename) journalist_filename = crypto_util.display_id() source = db.Source(filesystem_id, journalist_filename) db.db_session.add(source) db.db_session.commit() # Create the directory to store their submissions and replies os.mkdir(store.path(source.filesystem_id)) # Generate their key, blocking for as long as necessary crypto_util.genkeypair(source.filesystem_id, codename) return source, codename
def async_genkey(sid, codename): with app.app_context(): background.execute(lambda: crypto_util.genkeypair(sid, codename))